Threat Hunting & Modern Security: 3 Fundamental Flaws: presented at DataConnectorsBoston 2020

by Jim Rohde

Summary: Security Operations is a continuously evolving discipline. Even as tools and processes evolve, many flaws remain around people and process. We will examine 3 specific flaws of modern security operations: 1.) Risk Acceptance 2.) SOC Alert Overload 3.) Inability to mitigate all Zero-Day Attacks. We will start the discussion with a quick SOC capacity exercise, review the 3 fundamental security flaws in detail, and then revisit the math from the SOC capacity exercise to understand “what is being missed based upon my current capacity?” We will also cover the costs to the business associated with these flaws and wrap up with some suggestions for mitigation.